tag | cc1119eb08adfc1b1f174ab00b55ac4b8ab05475 | |
---|---|---|
tagger | The Android Open Source Project <initial-contribution@android.com> | Fri Sep 06 15:06:35 2019 -0700 |
object | e1af0f34739e8627bd031599fa03e2e3729d5c0b |
Android 8.0.0 release 38
commit | e1af0f34739e8627bd031599fa03e2e3729d5c0b | [log] [tgz] |
---|---|---|
author | Jeff Sharkey <jsharkey@android.com> | Fri Jun 01 10:49:40 2018 -0600 |
committer | Ryan Longair <rlongair@google.com> | Tue Jun 12 11:24:12 2018 -0700 |
tree | 844d1542eeca47097525c5487cf2fba17066e12f | |
parent | 09fddd4752b0ca3038a830c4c1aa527c770295a2 [diff] |
Ignore quotes in safe_print(). If the value being printed has embedded quotes ("), then printing those quotes could confuse other tools when parsing the value. This is the simplest CL to fix the security issue, and we can circle back to think about more robust escaping in a future CL. Bug: 80436257 Test: manual Change-Id: Ica17f2c5701573bceafe34f20110d230a3925483 (cherry picked from commit efe90c297a8df591c051fdbfacb92b5283390bba)